

1 /*
2  * JBoss, the OpenSource J2EE webOS
3  *
4  * Distributable under LGPL license.
5  * See terms of license at gnu.org.
6  *
7  */

8 package org.jboss.security.jacc;
9
10 import java.security.AccessController JavaDoc;
11 import java.security.PrivilegedAction JavaDoc;
12 import java.util.Set JavaDoc;
13 import java.util.HashSet JavaDoc;
14 import javax.security.auth.Subject JavaDoc;
15 import javax.security.jacc.PolicyContextException JavaDoc;
16 import javax.security.jacc.PolicyContextHandler JavaDoc;
17
18 import org.jboss.security.RunAsIdentity;
19 import org.jboss.security.SecurityAssociation;
20
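/**
 * A PolicyContextHandler that answers the JACC policy context key
 * {@link #SUBJECT_CONTEXT_KEY} with a read-only Subject describing the
 * current caller.
 *
 * <p>The Subject is assembled from the thread's SecurityAssociation state
 * inside a privileged block. When a caller run-as identity is present, the
 * principal set of the returned Subject is the set of run-as roles rather
 * than the authenticated principals.
 *
 * @author Scott.Stark@jboss.org
 * @version $Revision:$
 */
public class SubjectPolicyContextHandler implements PolicyContextHandler
{
   /** The policy context key this handler answers for. */
   public static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";

   /**
    * Retained only so that existing references keep compiling and linking.
    *
    * <p>This set is public and mutable, so any code in the JVM can add
    * elements to it. It is deliberately no longer handed to the Subject
    * constructor: a shared credential set that other code can modify must
    * not feed the Subjects used for authorization decisions. Do not add to
    * it and do not rely on it being empty.
    */
   public static final HashSet EMPTY_SET = new HashSet();

   /**
    * Builds the Subject for the current caller. It is run through
    * AccessController.doPrivileged by {@link #getContext(String, Object)}.
    */
   private static class GetSubjectAction implements PrivilegedAction
   {
      // final: the action executes with this class's privileges, so the
      // shared instance must not be replaceable after class initialisation.
      static final PrivilegedAction ACTION = new GetSubjectAction();

      /**
       * @return a read-only Subject for the caller, or null when there is
       *    neither an authenticated Subject nor a caller run-as identity
       */
      public Object run()
      {
         Subject activeSubject = SecurityAssociation.getSubject();
         RunAsIdentity callerRunAsIdentity = (RunAsIdentity)
            SecurityAssociation.peekRunAsIdentity(1);

         if( activeSubject == null && callerRunAsIdentity == null )
            return null;

         // A caller run-as identity takes precedence over the authenticated
         // principals.
         Set principalsSet;
         if( callerRunAsIdentity != null )
            principalsSet = callerRunAsIdentity.getRunAsRoles();
         else
            principalsSet = activeSubject.getPrincipals();

         // NOTE(review): under run-as the principals are the run-as roles,
         // but the credential sets below still come from the authenticated
         // caller's Subject. Confirm that carrying the caller's credentials
         // into the run-as Subject is intended.
         Set publicCredentials;
         Set privateCredentials;
         if( activeSubject != null )
         {
            publicCredentials = activeSubject.getPublicCredentials();
            privateCredentials = activeSubject.getPrivateCredentials();
         }
         else
         {
            // Fresh, private sets instead of the public mutable EMPTY_SET,
            // so nothing another class put into that field can end up as a
            // credential of this Subject.
            publicCredentials = new HashSet();
            privateCredentials = new HashSet();
         }

         // true => the Subject is created read-only.
         return new Subject(true, principalsSet, publicCredentials, privateCredentials);
      }
   }

   /**
    * Returns the caller's Subject for {@link #SUBJECT_CONTEXT_KEY}.
    *
    * @param key the policy context key being requested; compared
    *    case-insensitively, and a null key is treated as unsupported
    * @param data handler data supplied by the container; not used here
    * @return the Subject built by GetSubjectAction, or null when the key is
    *    not the one this handler supports or no caller identity is available
    * @throws PolicyContextException declared by the interface; not thrown by
    *    this implementation
    */
   public Object getContext(String key, Object data)
      throws PolicyContextException
   {
      // Constant-first comparison so a null key yields null rather than a
      // NullPointerException.
      if( SUBJECT_CONTEXT_KEY.equalsIgnoreCase(key) == false )
         return null;

      Subject subject = (Subject) AccessController.doPrivileged(GetSubjectAction.ACTION);
      return subject;
   }

   /**
    * @return a new single-element array holding {@link #SUBJECT_CONTEXT_KEY};
    *    a fresh array is returned on every call, so callers cannot alter the
    *    keys seen by others
    * @throws PolicyContextException declared by the interface; not thrown by
    *    this implementation
    */
   public String[] getKeys()
      throws PolicyContextException
   {
      String[] keys = {SUBJECT_CONTEXT_KEY};
      return keys;
   }

   /**
    * @param key the policy context key to test; may be null
    * @return true only when key equals {@link #SUBJECT_CONTEXT_KEY},
    *    ignoring case
    * @throws PolicyContextException declared by the interface; not thrown by
    *    this implementation
    */
   public boolean supports(String key)
      throws PolicyContextException
   {
      // Constant-first comparison: null is reported as unsupported.
      return SUBJECT_CONTEXT_KEY.equalsIgnoreCase(key);
   }
}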